1*700637cbSDimitry Andric// -*- C++ -*- 2*700637cbSDimitry Andric//===----------------------------------------------------------------------===// 3*700637cbSDimitry Andric// 4*700637cbSDimitry Andric// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 5*700637cbSDimitry Andric// See https://llvm.org/LICENSE.txt for license information. 6*700637cbSDimitry Andric// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 7*700637cbSDimitry Andric// 8*700637cbSDimitry Andric//===----------------------------------------------------------------------===// 9*700637cbSDimitry Andric 10*700637cbSDimitry Andric#ifndef _LIBCPP___CXX03___ASSERT 11*700637cbSDimitry Andric#define _LIBCPP___CXX03___ASSERT 12*700637cbSDimitry Andric 13*700637cbSDimitry Andric#include <__assertion_handler> // Note: this include is generated by CMake and is potentially vendor-provided. 14*700637cbSDimitry Andric#include <__cxx03/__config> 15*700637cbSDimitry Andric 16*700637cbSDimitry Andric#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER) 17*700637cbSDimitry Andric# pragma GCC system_header 18*700637cbSDimitry Andric#endif 19*700637cbSDimitry Andric 20*700637cbSDimitry Andric#define _LIBCPP_ASSERT(expression, message) \ 21*700637cbSDimitry Andric (__builtin_expect(static_cast<bool>(expression), 1) \ 22*700637cbSDimitry Andric ? (void)0 \ 23*700637cbSDimitry Andric : _LIBCPP_ASSERTION_HANDLER(__FILE__ ":" _LIBCPP_TOSTRING(__LINE__) ": assertion " _LIBCPP_TOSTRING( \ 24*700637cbSDimitry Andric expression) " failed: " message "\n")) 25*700637cbSDimitry Andric 26*700637cbSDimitry Andric// TODO: __builtin_assume can currently inhibit optimizations. Until this has been fixed and we can add 27*700637cbSDimitry Andric// assumptions without a clear optimization intent, disable that to avoid worsening the code generation. 28*700637cbSDimitry Andric// See https://discourse.llvm.org/t/llvm-assume-blocks-optimization/71609 for a discussion. 29*700637cbSDimitry Andric#if 0 && __has_builtin(__builtin_assume) 30*700637cbSDimitry Andric# define _LIBCPP_ASSUME(expression) \ 31*700637cbSDimitry Andric (_LIBCPP_DIAGNOSTIC_PUSH _LIBCPP_CLANG_DIAGNOSTIC_IGNORED("-Wassume") \ 32*700637cbSDimitry Andric __builtin_assume(static_cast<bool>(expression)) _LIBCPP_DIAGNOSTIC_POP) 33*700637cbSDimitry Andric#else 34*700637cbSDimitry Andric# define _LIBCPP_ASSUME(expression) ((void)0) 35*700637cbSDimitry Andric#endif 36*700637cbSDimitry Andric 37*700637cbSDimitry Andric// clang-format off 38*700637cbSDimitry Andric// Fast hardening mode checks. 39*700637cbSDimitry Andric 40*700637cbSDimitry Andric#if _LIBCPP_HARDENING_MODE == _LIBCPP_HARDENING_MODE_FAST 41*700637cbSDimitry Andric 42*700637cbSDimitry Andric// Enabled checks. 43*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message) 44*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message) 45*700637cbSDimitry Andric// Disabled checks. 46*700637cbSDimitry Andric// On most modern platforms, dereferencing a null pointer does not lead to an actual memory access. 47*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_NULL(expression, message) _LIBCPP_ASSUME(expression) 48*700637cbSDimitry Andric// Overlapping ranges will make algorithms produce incorrect results but don't directly lead to a security 49*700637cbSDimitry Andric// vulnerability. 50*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSUME(expression) 51*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_DEALLOCATION(expression, message) _LIBCPP_ASSUME(expression) 52*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL(expression, message) _LIBCPP_ASSUME(expression) 53*700637cbSDimitry Andric# define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSUME(expression) 54*700637cbSDimitry Andric# define _LIBCPP_ASSERT_ARGUMENT_WITHIN_DOMAIN(expression, message) _LIBCPP_ASSUME(expression) 55*700637cbSDimitry Andric# define _LIBCPP_ASSERT_PEDANTIC(expression, message) _LIBCPP_ASSUME(expression) 56*700637cbSDimitry Andric# define _LIBCPP_ASSERT_SEMANTIC_REQUIREMENT(expression, message) _LIBCPP_ASSUME(expression) 57*700637cbSDimitry Andric# define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSUME(expression) 58*700637cbSDimitry Andric# define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSUME(expression) 59*700637cbSDimitry Andric 60*700637cbSDimitry Andric// Extensive hardening mode checks. 61*700637cbSDimitry Andric 62*700637cbSDimitry Andric#elif _LIBCPP_HARDENING_MODE == _LIBCPP_HARDENING_MODE_EXTENSIVE 63*700637cbSDimitry Andric 64*700637cbSDimitry Andric// Enabled checks. 65*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message) 66*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message) 67*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_NULL(expression, message) _LIBCPP_ASSERT(expression, message) 68*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSERT(expression, message) 69*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_DEALLOCATION(expression, message) _LIBCPP_ASSERT(expression, message) 70*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL(expression, message) _LIBCPP_ASSERT(expression, message) 71*700637cbSDimitry Andric# define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSERT(expression, message) 72*700637cbSDimitry Andric# define _LIBCPP_ASSERT_ARGUMENT_WITHIN_DOMAIN(expression, message) _LIBCPP_ASSERT(expression, message) 73*700637cbSDimitry Andric# define _LIBCPP_ASSERT_PEDANTIC(expression, message) _LIBCPP_ASSERT(expression, message) 74*700637cbSDimitry Andric# define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSERT(expression, message) 75*700637cbSDimitry Andric// Disabled checks. 76*700637cbSDimitry Andric# define _LIBCPP_ASSERT_SEMANTIC_REQUIREMENT(expression, message) _LIBCPP_ASSUME(expression) 77*700637cbSDimitry Andric# define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSUME(expression) 78*700637cbSDimitry Andric 79*700637cbSDimitry Andric// Debug hardening mode checks. 80*700637cbSDimitry Andric 81*700637cbSDimitry Andric#elif _LIBCPP_HARDENING_MODE == _LIBCPP_HARDENING_MODE_DEBUG 82*700637cbSDimitry Andric 83*700637cbSDimitry Andric// All checks enabled. 84*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSERT(expression, message) 85*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSERT(expression, message) 86*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_NULL(expression, message) _LIBCPP_ASSERT(expression, message) 87*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSERT(expression, message) 88*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_DEALLOCATION(expression, message) _LIBCPP_ASSERT(expression, message) 89*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL(expression, message) _LIBCPP_ASSERT(expression, message) 90*700637cbSDimitry Andric# define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSERT(expression, message) 91*700637cbSDimitry Andric# define _LIBCPP_ASSERT_ARGUMENT_WITHIN_DOMAIN(expression, message) _LIBCPP_ASSERT(expression, message) 92*700637cbSDimitry Andric# define _LIBCPP_ASSERT_PEDANTIC(expression, message) _LIBCPP_ASSERT(expression, message) 93*700637cbSDimitry Andric# define _LIBCPP_ASSERT_SEMANTIC_REQUIREMENT(expression, message) _LIBCPP_ASSERT(expression, message) 94*700637cbSDimitry Andric# define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSERT(expression, message) 95*700637cbSDimitry Andric# define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSERT(expression, message) 96*700637cbSDimitry Andric 97*700637cbSDimitry Andric// Disable all checks if hardening is not enabled. 98*700637cbSDimitry Andric 99*700637cbSDimitry Andric#else 100*700637cbSDimitry Andric 101*700637cbSDimitry Andric// All checks disabled. 102*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_INPUT_RANGE(expression, message) _LIBCPP_ASSUME(expression) 103*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(expression, message) _LIBCPP_ASSUME(expression) 104*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_NULL(expression, message) _LIBCPP_ASSUME(expression) 105*700637cbSDimitry Andric# define _LIBCPP_ASSERT_NON_OVERLAPPING_RANGES(expression, message) _LIBCPP_ASSUME(expression) 106*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_DEALLOCATION(expression, message) _LIBCPP_ASSUME(expression) 107*700637cbSDimitry Andric# define _LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL(expression, message) _LIBCPP_ASSUME(expression) 108*700637cbSDimitry Andric# define _LIBCPP_ASSERT_COMPATIBLE_ALLOCATOR(expression, message) _LIBCPP_ASSUME(expression) 109*700637cbSDimitry Andric# define _LIBCPP_ASSERT_ARGUMENT_WITHIN_DOMAIN(expression, message) _LIBCPP_ASSUME(expression) 110*700637cbSDimitry Andric# define _LIBCPP_ASSERT_PEDANTIC(expression, message) _LIBCPP_ASSUME(expression) 111*700637cbSDimitry Andric# define _LIBCPP_ASSERT_SEMANTIC_REQUIREMENT(expression, message) _LIBCPP_ASSUME(expression) 112*700637cbSDimitry Andric# define _LIBCPP_ASSERT_INTERNAL(expression, message) _LIBCPP_ASSUME(expression) 113*700637cbSDimitry Andric# define _LIBCPP_ASSERT_UNCATEGORIZED(expression, message) _LIBCPP_ASSUME(expression) 114*700637cbSDimitry Andric 115*700637cbSDimitry Andric#endif // _LIBCPP_HARDENING_MODE == _LIBCPP_HARDENING_MODE_FAST 116*700637cbSDimitry Andric// clang-format on 117*700637cbSDimitry Andric 118*700637cbSDimitry Andric#endif // _LIBCPP___CXX03___ASSERT 119